CNNVD-202509-3645 Information

Sep 23, 2025 cve

CNNVD ID

CNNVD-202509-3645

CVE-2025-59822

CNNVD Published: 2025-09-23

Description (Chinese)

Http4s是Http4s开源的一款开源的用于Scala的流HTTP服务器。 Http4s 1.0.0-M1版本至1.0.0-M45之前版本和0.23.31之前版本存在安全漏洞，该漏洞源于HTTP trailer部分处理不当，可能导致HTTP请求夹带技术攻击。

Description (English)

Http4s is an open source of an open-source HTTP server for Scala. Http4s 1.0.0-M1 versions to 1.0.0-M45 and 0.23.31 contain a security loophole, which stems from the partial mishandling of HTTP tracker, which may result in HTTP requesting a strapped technical attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

唤客猫

Published

2025-09-23

Last Modified

2026-02-24

References

https://github.com/

Patch

https://github.com/http4s/http4s/releases

Share on: